At MDaemon Technologies, the health and safety of our employees, customers and partners is our primary concern. As a global technology company, we are monitoring the developments of the Novel Coronavirus (COVID-19) pandemic very closely. Our entire staff is trained and participates in our remote workforce program and we are committed to providing seamless support to our customers’ business operations.

On Monday, May 14th, the Electronic Frontier Foundation (EFF) reported that European researchers had discovered core problems and commonplace implementation flaws in the S/MIME and OpenPGP protocol specifications. The vulnerability, which the researchers have described as EFAIL, can reportedly expose the content of encrypted emails (even messages sent in the past) to be viewed. The EFAIL vulnerability affects many email clients that use S/MIME and OpenPGP. There is a list of email clients with vulnerabilities by protocol in an article posted at thehackernews.com.

It’s very important to understand that to be at risk for this vulnerability, attackers would need access to your emails. This means that your email system has been compromised by an attacker who has access to the encrypted emails through tactics such as eavesdropping on network traffic (also known as a man-in-the-middle (MITM) attack), compromised email accounts, access to email servers, backup systems or client computers, usually achieved through social engineering attacks, such as Phishing and other tactics.

We have checked our own web-based email client (MDaemon Webmail) and our MDaemon OpenPGP-based encryption feature. Our results show that MDaemon Webmail is not vulnerable. However, the MDaemon email server OpenPGP feature is partially vulnerable to one implementation flaw. We have released a patch for affected versions of MDaemon email software, which can be found here. The current version of the MDaemon email server, v18.0.1, includes this fix.

A Reminder on the Best Email Security Practices

This latest issue should remind us all about the importance of email security practices as a whole. Implementing strong passwords, two-factor authentication, location screening, SSL/TLS, SMTP AUTH, IP Shielding, dynamic screening, freezing accounts after failed authentication attempts, all play a role in helping to keep your accounts and your email safe. You can review a list of email security features in MDaemon here.

If you’ve implemented security to help protect malicious people from accessing your email accounts, then you are less likely to have an account compromised and you will be better protected against these types of attacks and vulnerabilities.

Ongoing Monitoring

While the researchers go into some depth to expose issues deep within the S/MIME and OpenPGP specification documents, these encryption protocols may need specification changes to address the longer-term issues mentioned in the initial report. MDaemon Technologies will continue to monitor this issue.

Additional Resources

We have provided links to past blog posts that cover a number of email security topics to provide additional information:

Can businesses really afford to be without what is arguably the most important business tool? Or are we seeing a slow erosion in accepted availability of email as more and more companies move to the cloud?

When I talk to many customers and resellers who are deciding to take their email to the cloud, the primary reason seems to be that they don’t want the hassle of dealing with SPAM, phishing, ransomware, etc. and users’ complaints. As some put it, “I’d rather put that burden on someone else.” Sure there is the argument of moving the cost to monthly operational costs, which for some can appear to be a savings. Even over at SpiceWorks, a one stop shop for IT Pros, discussions are always ongoing about O365 versus on-premise. And we’ve posted our own email platform price comparisons with some help from Osterman Research.

Now I recognize that for many companies the cloud ship has sailed. They’ve committed to putting their software into the hands of a third party provider, trusting that the provider will be as responsive and careful with their information as their own IT professional. And for many small businesses with limited resources, it does make sense.

But if you’re a business that still has trust issues when it comes to your company’s email, and believe me that’s not a bad thing, then there is still a very affordable alternative. The MDaemon email server has been trusted for over 20 years by companies around the globe. And if you have over 100 email users and you’re using Microsoft Exchange, you will save both in cost and time. It’s just one reason we see weekly migrations to the MDaemon platform.

Using the cloud for email is not inherently a bad thing depending on your company’s needs. But if privacy and control are important and you’re curious about an email alternative, you can learn how MDaemon’s email server features compare to what you are currently using. Or, simply ask Brad to give you a personal demo of the software by sending a message to training@mdaemon.com.

Better yet, just take MDaemon for a free, 30-day test drive and find out what other IT pros know.

As we welcome in a New Year, we are also welcoming a new company name. Alt-N Technologies is transitioning to MDaemon Technologies. This change is now in motion and will be implemented gradually across our many company assets.

We are adopting the new name to better leverage the brand equity and recognition we have built over the many years with our trusted email server. The new name will consolidate our brand and align the company around a globally recognized name.

With the name change also brings the new tag line: Simple Secure Email. We believe this tag line summarizes the value many of our global customers and partners have expressed over the years and is synonymous with the attributes that have made MDaemon a popular email server with many IT professionals and resellers.

We may have a new name but our mission and focus remain the same: develop features in our email server and email gateway products that deliver value (reliability, security, and flexibility) to the IT professionals that put their trust in us.

For more than 20 years we have succeeded by listening to our global customers and delivering exceptional service. We treat our employees, customers and channel partners like family and we believe this is just one of the many reasons why we remain a trusted vendor in an ever changing and competitive email and email security market. We may not be the biggest company you will deal with, but we strive to be the best company you deal with!

2016 was an exciting year for Alt-N Technologies as it marked the 20th anniversary of the MDaemon email server for Windows and our ongoing efforts to bring affordable, secure, and reliable email and email security software to the small-to-medium business segment. And as many of you know, a lot has changed in the last 20 years. One thing that hasn’t changed over the years is the ongoing threat of people trying to use email as the primary method to attack an organization or steal personal information.

Like any form of communication, it can be used for good or bad. Unfortunately, when email was initially developed, its creators didn’t anticipate the ways bad actors would exploit the technology through methods like phishing, hacking, and launching disabling applications like ransomware, Trojans, etc.

2016 also reflected changes the industry continues to see in the area of deployment options. We saw some resellers and customers turning over the management of their email to MSPs (Managed Service Provider) or other third-party providers. The driver for this behavior varied by customer and industry but can be summarized by the desire to move hardware and software costs from capital expenditures (CAPex) to operational expenditures (OPex), with pros and cons to each approach. Alt-N worked with many existing and new channel partners to see MDaemon Private Cloud hosted email services introduced into new markets like Africa, Asia Pacific, and Latin America with continued growth in existing markets like North America and Europe.

With regards to hosted email services, we also received growing requests from direct customers asking Alt-N to manage their email. In response, Alt-N launched its own service using the MDaemon Private Cloud version of the software by introducing WorldClient Private Email for Business. With this new service offer, we have been able to meet the needs of direct customers who want us to manage their email, such as a 600-user customer who chose our service and support after having a large Office365 reseller attempt to convert them away from MDaemon!

For 2017, we will look for sales growth in new and emerging markets while working hard to earn and retain the loyalty and support of our existing customers. We will continue our efforts to add valuable features to MDaemon and SecurityGateway for Email Servers as those products remain the focus of our development efforts. We will be working on improving features that support cloud-based deployments while keeping a close eye on the needs of customers who want the control of on-premise and hybrid environments. And we will continue to look for new ways to enhance and bring value through our partnerships with complimentary vendors like MailStore, as well as seek out new technologies and vendors to make integration with our software simple and easy to use.

As we begin 2017, we want to express our sincere gratitude to those customers and channel partners who have helped Alt-N Technologies grow these past 20 years. We also look forward to earning the business of new customers and partners as we work toward a successful 2017.

As always, we invite you to tell us what you think by sending us your feedback. You can reach me directly at kevin(dot)beatty(at)altn(dot)com.

Coincidence? Not really. However, it’s nice to see that major version releases of MDaemon now correlate to the year of the release.

Of course, we will continue to add additional features and minor releases throughout the year. For some, this alignment may not seem like a big deal. But for others, it will help them easily identify when they are on older versions and investigate what new features they could be using.

Like many companies we communicate each time a new version is released to share what new features and fixes customers can expect. We even have a web page dedicated to MDaemon features by version to highlight the changes within each release. Yet I’m consistently amazed to hear from customers who are on older versions of the Windows-based email software say, “I didn’t know you had that feature!”

To help, we’re going to take more time to share use cases and highlight many of the more popular features of MDaemon, and more importantly WHY you should care. After all, we add these features because our customers request them. Just have a look atAlt-N’s Idea Engine and you can get a sense of just how many requests get submitted and voted upon.

For now, I’ve summarized some key features in MDaemon 16 below. And as always, more technical detail can be found in the release notes on the MDaemon download page.

Throughout the year you can expect more information and detail coming from me and the team to help you understand the value of the features and why they are important.

So, please stay tuned!

MDaemon 16 New Features for End Users

Contact Synchronization using CardDAV

Building off the previous addition of CalDAV for calendar synchronization, users can now synchronize their contacts with their favorite mobile device or other mail client using the CardDAV protocol. Notable CardDAV clients are Apple Address Book (included with Mac OS X), Apple iOS (iPhone), and Mozilla Thunderbird via the SOGO plugin.

Improved WorldClient Web-based Email Security

WorldClient has added Two Factor Authentication (TFA) to make users more secure when strong passwords may not have been implemented. WorldClient users who enable Two Factor Authentication will be required to enter a verification code before they can have a logged in session. This feature can be used with any client that supports Google Authenticator (available in the Google Play store).

MDaemon 16 New Features for Administrators

Flexible Email Account Migration Tool

A new migration app is available along with MDaemon’s original MDMigrator, which allows administrators to migrate data from Microsoft Exchange Server. The new ActiveSync Migration Client for MDaemon provides improved migration support for administrators by easily migrating email, calendars, tasks, notes, and contacts from any mail server that supports ActiveSync protocol version 14.1.

Spambot Detection

MDaemon’s new Spambot Detection feature tracks the originating IP address from which every return-path value (sender) uses over a period of time. If the same return-path is used by multiple IP addresses (more than can normally be expected) within a given period of time, then this typically indicates a possible spambot network is being used. When a spambot is detected, the connection is dropped and the sending address can optionally be blacklisted for a designated period of time.

Remote Administration on Mobile Devices

MDaemon’s browser-based Remote Administration application has been updated with a more dynamic design that automatically adjusts information based on the size of the screen used – whether the user is on a phone, tablet, or PC.

Improved API for Complimentary Applications

MDaemon now includes an XML API which allows third-party developers to integrate complimentary applications (such as CPanel, etc.) with MDaemon. The API allows for the retrieval of information from MDaemon, including lists, accounts, domains, and more, and also provides the ability to make configuration change

IMPORTANT NOTE: This promotion is for Alt-N customers and resellers who work directly with Alt-N. MailStore uses other Alt-N Distribution partners in various countries for sales and you should check your country for specific sales by visiting the MailStore partner page

Be sure to take advantage of these offers today!

* Promotions cannot be combined and you must meet the 50% upgrade offer requirements. 20% offer expires March 31, 2016.

Today we’ve launched the newest version of the MDaemon email server with some exciting new features. Staying true to the company’s focus on email security and end user ease of use, we believe these new features will be welcomed by many of our users across industries.

Encryption Layers for Extended Email Privacy

With a growing emphasis in the market on email privacy, MDaemon 15.5 introduces additional encryption features using Vitru and Open PGP to make it easy for users and administrators to keep email communications private.

On the client side, WorldClient users can enable Virtru for end-to-end encryption. Basic encryption for emails and attachments is included for free within the WorldClient settings menu. Virtru encrypts the user’s email and attachments and does not have access to the encryption keys. For organizations that need to comply with HIPAA or need additional security controls, Virtru Pro is available for an annual subscription of only $24 per user. Virtru Pro allows users and administrators to revoke messages at anytime, see and control forwarding, as well as add expiration data to email messages. For Microsoft Outlook users, the same features (free and Pro) are available using the Virtru for Outlook add-on.

On the server side, Open PGP for MDaemonhas been added to give administrators the ability to use encryption, decryption, and basic key management capabilities through OpenPGP support. This additional layer helps administrators who want to ensure user compliance by managing encryption settings at the server versus the user implemented client level. Also, MDaemon’s Content Filter now contains actions to encrypt and decrypt messages. And finally, server-side encryption capabilities are beneficial when using email archiving with MDaemon.

Managing Employee Workload and Overtime with Email Do Not Disturb

Companies in many countries are being challenged by the need to manage email access “after hours” to prevent overtime pay and promote a stronger work/life balance. To date, most companies can only implement Human Resource policies to address the issue. To help IT Administrators deliver another layer of compliance to the organization, MDaemon 15.5 introduces its “Email Do Not Disturb” feature.

Located within the Accounts | Groups & Templates settings, Do Not Disturb allows the MDaemon administrator to set a time frame during which email may not be accessed by its users. Accounts in this state will receive incoming mail but users may not be able to login to their MDaemon account or send/reply to messages until the Do Not Disturb period has lapsed.

Adding Public Contacts Support in ActiveSync

The ActiveSync server has an option to include and merge a user’s public contacts with their default contacts. This allows users of clients such as Outlook 2013, which does not support multiple contacts folders or global address list searching, to access public contacts. The public contacts are read-only and tagged with “Public” and “Read-Only” categories.

Browser* Desktop Notifications – When launching WorldClient using the LookOut or WorldClient theme, the browser will prompt the user to allow desktop notifications. If accepted, the user will receive notifications of new email messages, new Instant Messages (in the case that the corresponding chat is not in focus), and any change in status of a chat buddy.
*Desktop notifications are not supported by Internet Explorer.

Password Recovery – If enabled, users who have permission to edit their password will be able to enter an alternate email address to reset their password in case they forget it. Once set, if the user attempts to log in with an incorrect password a “forgot password?” link will appear and direct them to a page that asks them to confirm their password recovery email address. If entered correctly, a message containing a link to a page that allows them to change their password is sent. This feature is disabled by default.

Creating a New Event, Task, or Note via Email – Users can easily convert an email message to an event, task or note. This enables users to more easily follow-up on emails that contain information relevant to projects, meetings or other time sensitive activities.

The team of Jerry, Kevin, Alan and Arron will be continuing the global customer visits that began last year and took them to more than 14 countries! These visits are intended to thank customers and partners for their business and to share Alt-N’s product direction while gaining valuable insight and feedback.

This time, they are heading down under to visit customers and channel partners in Australia and New Zealand!

Beginning Monday, February 23rd and ending Thursday, March 5th, the guys will be traveling to four cities in the region to listen, learn and share. Some venues will have formal events while others will be filled with customer and reseller visits.

Here is the breakdown:

Sydney – February 23-24

Melbourne – February 25-27

Auckland – March 2-3

Brisbane – March 4-5

If you’d like to meet with the guys, drop us a reply with your location and we’ll be glad to get in touch to work out the details!

At some point over the years you’ve probably read or heard the refrains stating email is dead. Remember the buzz about Google Wave – part email, part Twitter, part real-time messenger? I remember receiving a message from an industry colleague telling me that Wave was going to kill email. Well, how did that work out?

Helping Email Evolve

Last week Arron (Alt-N’s Director of Product Development) and I attended a relatively obscure conference called Inbox Love. This conference is dedicated to bringing together vendors and developers who seek to make the email experience better. I say obscure because most conferences relating to email focus primarily on email marketing. Inbox Love is all about achieving Inbox Nirvana, the elusive “Zero Inbox” or in general, just improving the email experience by aligning it to the changes in technologies, such as mobile device access, social media and other collaboration tools. The conference is in it’s fourth year and this was the second year I attended. Besides being excited to discover a group of folks who love email as much as we do at Alt-N Technologies, the conference provided a refreshing look at email trends and the opportunity to network with developers and start-up companies who are looking to improve the overall user experience.

Interactivity versus Privacy

One of the most interesting topics of discussion was that of email security. Listening to the discussions between developers who wanted to bring more of a web-like experience to email (greater interactivity and multi-media access) and email privacy proponents, one could almost see a generational divide between the philosophy of openness and the slippery slope of possible abuse that has created such concern, as from the fallout of the Snowden revelations. But the great thing about such interaction is the dialog and cooperation that was evident when people who want to improve the email experience and the those who want to minimize potential abuse, collaborate and share ideas. It was a great example of how balancing email personalization and protection will benefit the email experience of all users.

What Does it Mean for MDaemon Customers?

Arron and I left with a lot of notes, a lot of business cards and a lot of ideas. One of our goals was to let developers know that there are millions of customers whose email communication is not run on Google or Microsoft products. Our other goal was to better understand what products and services are being developed for email and how we can leverage those to be used with MDaemon. I think we accomplished both and now we’re back in the office with lots to review and discuss with the Alt-N team.

Remember, we are always looking for your feedback. If you have a suggestion for us, be sure to comment and review the many posts on Alt-N’s Idea Engine. This is one of the tools we use to help prioritize our development activities.

If you’d like another view of the Inbox Love conference with some specifics on the presentation topics, Emelie Fågelstedt has an excellent post over on her blog.